Before we got SiteB-2 set up, SiteB-1 was configured and connected successfully to SiteA. We setup SiteB-2, enabled CARP, and created some virtual IP's to take over the VPN. After reconfiguring the VPN to use the virtual IP's, the VPN will no longer connect. I've deleted the settings on both SiteA and SiteB, recreated them, tried different encryption settings, and nothing seems to work.

SiteA-1 does not have debug turned on (I don't want to kill our active VPN's yet) but all it has during the above time frame is:

racoon: INFO: unsupported PF_KEY message REGISTER

At first I thought it was a side effect of setting up CARP and moving to a virtual IP. I turned off CARP, removed the vip and flipped it all back to the originally working config. It still would never connect. Any ideas what might be causing this?

Anyways, I think we figured it out. We had the two systems on the same network segment. And.. I used the same vhid and carp passwords for both. Once we moved them behind another router on another network, it's been working fine. This also solved our seemingly random flip-flopping of our main pfsense boxes. I guess that's why you shouldn't have multiple vip's in the same carp group on the same network.